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Amendments to the Claims: 

The following listing of claims will replace all prior versions, and listings, of claims 
in the application: 

L (Currently Amended) A method for control and maintenance of an operational 
organizational structur e, involving cryptographic control and maintenance of entities within 
one or more organizations^ the method "being automated using a computing device, the 
method comprising olcotronically : 

associating electronic representations of entities with cryptographic capabilities; 

organizing entities within the organizational structure as role s through associating the 
electronic representations of entities with electronic representations of roles: and 

upon any addition, deletion or modification of an entity, a cryptographic capability, or 
any of their associations, m aintaining roles v^thin the organizational structure by adding, 
deleting or modifying electronic representations of the entities^ cryptographic capabilities, 
roles, or any of their associations . 

2, (Original) A method as in claim 1, wherein the method involves at least a public 
key infirastnicture operation. 

3. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to roles within said organizational 
structure. 

4, (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to groups within said 
organizational structure. 

5. (Canceled) 
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6. (Original) A method as in claim 3 wherein at least some of said elements are 
already grouped elements. 

7. (Previously Presented) A method as in claim 1 wherein said method involves 
access control technology. 

8. (Previously Presented) A method as in claim 1 wherein said method involves at 
least an access control operation. 

9. (Previously Presented) A method as in claim 1 wherein said method involves at 
least a data-base operation. 

10. (Previously Presented) A method as in claim 1 wherein said method involves at 
lea$t one operation implemented in a hardware device. 

1 L (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least one commercial organization. 

12. (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least two organizations, and wherein one of said 
organizations performs at least one function on behalf of another of said organizations. 

13. (Currently Amended) A method as in claim 1 wherein the method further 
comprises changing software whose authorization is checked , 

14. (Previously Presented) A method as in claim 1 wherein the method further 
comprises changing hardware, 

15. (Previously Presented) A method as in claim 1 wherein the method flirther 
comprises moving hardware. 
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16. (Currently Amended) A system for control and maintenance of an operational 
structure involving at least one cryptographic method, entities within organizations, 
characteristics of said entities and relationships between said entities, wherein the system 
comprises code executable by a computing device to o eai^risc s: 

maintainiftg electronic representations of capabilities of entities; 

maintaining electronic representations of f linctions of entities; 

maintaining electronic representations of characteristics of entities; 

mainiainiftg electronic representations of r elationships of entities; and 

changeifig the maintained electronic representations of said entities said 
characteristics and said relationships upon an addition, deletion, or modification of ^ 
characteristic or relationship of the entities . 

17. (Previously Presented) A system as in claim 16 where at least one of said entities 
is an individual in an organization. 

1 8 . (Previously Presented) A system as in claim 1 6 where at least one of said entities 
is a group of individuals in an organization- 

19. (Original) A system as in claim 16 where at least one capability is a role in an 
organization. 

20. (Original) A system as in claim 16 where at least one capability is a task in an 
organization. 

21 . (Original) A system as in claim 1 6 where at least one function is an operation by a 
functionary in an organization, 

22. (Original) A system as in claim 1 6 where at least one function is an operation by a 
group of functionaries in an organization. 
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23. (Original) A system as in claim 16 where said entities in an organization are 
represented in a public key infrastructure directory, 

24. (Original) A system as in claim 16 where at least one of said characteristics and 
said relationships is represented in a directory, 

25. (Previously Presented) A system as in claim 16 where at least one of said 
characteristics, at least one of said relationships, or both is represented in a public key 
infrastructure directory, 

26. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one directory. 

27. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one public key infrastructure directory. 

28. (Currently Amended) A system as in claim 16 where said code to c hange ing of th e 
said maintained elements comprises code to c hange ef-information processing control 
structure. 

29. (Currently Amended) A system as in claim 16 where said code to c hange ing of the 
said maintained elements comprises code to c hange ofcryptographic certification infonuation 
within the public-key infrastructure directories. 

30. (Currently Amended) A system as in claim 16 where said code to changeiBg 
of the said maintained elements comprises code to c hange ef^tabases. 

3 1 . (Currently Amended) A system as in claim 1 6 where said code to changeiBg 
of the said maintained elements comprises code to c hange o^cryptographic certification 
information within the public-key infrastructure directories and further database changes. 
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32. (Original) A system as in claim 16 where said entities, said characteristics and 
said relationships are maintained by combining databases components and components of 
certification authorities of a public key infrastructure. 

33. (Original) A system as in claim 16 where said entities are represented in one 
directory and said characteristics and said relationships are represented in a second directory. 

34. (Currentiy Amended) A system as in claim 16 where said entities are 
represented in at least a_first directory and said characteristics and said relationships are 
represented in at least a_second directory, 

35. (Original) A system as in claim 16 comprising observers, where said entities said 
characteristics and said relationships are partially visible to various observers. 

36. (Previously Presented) A system as in claim 16 where an operation of said system 
comprises cryptographic key management operations. 

37. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated by at least one designated entity amongst said entities. 

38. (Previously Presented) A system eis in claim 16 where an ojjcration of said system 
is activated based on agreed upon rules. 

39. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on authorizations. 

40. (Previously Presented) A system as in claim 16 where an operation of said system 
comprises database maintenance operations involving said entities said characteristics and 
said relationships. 
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41. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization roles. 

42. (Original) A system as in claim 16 wkere said characteristics and said 
relationships define authorization rules based on access structure. 

43. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on cryptographic capability. 

44. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on shared cryptographic capability. 

45. (Original) A system as in claim 16 with the additional operations of logging said 
system's operations. 

46. (Original) A system as in claim 1 6 with the additional operations of logging said 
system's operations, where said logging is performed in various locations in said system. 

47. (Original) A system as in claim 16 with the additional operations of monitoring 
operations within said system. 

48* (Original) A system as in claim 16 with the additional operations of time-stamping 
operations within said system. 

49. (Original) A system as in claim 16 where at least one of said system's operations 
is performed distributedly via communication. 

50. (Original) A system as in claim 16 where at least one of said system's operations 
is a distributed database operation. 
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51. (Original) A system as in claim 16 where at least one of said system's operations 
involves physical handling of devices to one of said entities. 

52. (Currently Amended) A database system representing an organization involving 
directories representing entities, their characteristics, roles, and relationships together with 
their associations with cryptographic capabilities, the database system comprising the 
following transactional components: 

coraiection to cryptographic authorities representing the cryptographic capabilities 
associated with said entities, said characteristics and said relationships; 

a maintenance system by which said database and said cryptographic authorities are 
maintained in coordination and by authorized parties assuring the representation of said 
organization and said cryptographic capabilities are soundly associated as defitied by the 
coordination directives;_and 

maintenance transactions acting within said maintenance system, maintaining a view 
representing an organization. 

53. (Original) A system as in claim 52 wherein said organization comprises a plurality 
of entities. 

54. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of at least one certification authorities. 

56. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of authorities organized hierarchically. 

57. (Original) A system as in claim 52 wherein said authorized parties are maintained 
by another instantiation of the system, 

58. (previously Presented) A system as in claim 52 wherein said authorized parties are 
assigned by management of said organization. 
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59. (Previously Presented) A system as in claim 52 wherein said coordinating 
directives involve cryptographic fields assuring integrity of the operation, 

60. (Original) A system as in claim 52 wherein said maintaining view representing an 
organization may present different characteristics and components to different oxjtside 
reviewers, 

61 . (Original) A system as in claim 52 wherein said cryptographic capabilities involve 
digital certificates. 

62. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organizational units. 

63. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organisational units where entities axe defined in one unit and their roles 
are defined within a second unit. 

64- (New) A method as in claim 1 where a plurality of entities are electronically 
visible to one part of the organization, a first set of outside viewers, or both, and roles or 
characteristics thereof axe electronically visible to another pan of the organization, a second 
set of outside viewers, or both, 

65. (New) A method as in claim 1 where maintaining of roles within the 
organizational structure is protected and can be perfonned only by an authorized party inside 
or outside the organization, 

66. (New) A system as in claim 16 where a plurality of entities are electronically 
visible to one part of the organization, a first set of outside viewers, or both, and roles or 
characteristics thereof are electronically visible to another part of the organization, a second 
set of outside viewers, ox both. 
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67, (New) A system as in claim 16 where change to the maintained electronic 
representations of said entities said characteristics or said relationships is protected and can 
be performed only by an authorized party inside or outside the organization. 
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